BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

Cyber Criminals Are Actively Exploiting a WordPress Plugin Zero-Day

Cyber Criminals Are Actively Exploiting a WordPress Plugin Zero-Day

The Fancy Product Designer plugin — commonly used to configure visual products on WordPress, Shopify, and WooCommerce — has been compromised. Cybercriminals are actively looking for sites that use this plugin so as to exploit a recently-discovered vulnerability.

Wordpress Security

What Is a Zero-Day Exploit?

The term zero-day exploit, or just “zero-day” or “0-day”, refers to a type of vulnerability in computer software that the software vendor is aware of but that doesn’t yet have a patch or fix. During the space of time between when the exploit becomes known and when there is a patch or fix for it, the flaw makes the affected software extremely vulnerable to sinister activity.

Naturally, zero-day vulnerabilities are never intended. They are usually found where the software company least expected to find a problem. At the same time, it is up to the software company to alert affected users and to find a patch for the flaw as soon as possible. Keeping the public and/or private software users in the loop is the best thing a software company can do to help stave off complications such as leaked or corrupted data or other compromised resources.

What Is Fancy Product Designer?

Fancy Product Designer is a plugin. In other words, it’s a type of software that complements an already-existing software program with a unique feature.

In the case of Fancy Product Designer, the website explains that the plugin enables “you and your customers to design and customize any kind of product. Limited only by your imagination it gives you absolute freedom in deciding which products and which parts of the product can be customized.” As of early June, Fancy Product Designer had been installed on over 17,000 websites worldwide. These sites include WordPress sites, Shopify sites, and WooCommerce sites.

What Are Hackers Doing With the Exploit?

The bug in the Fancy Product Designer has made it possible for hackers to take advantage of Fancy Product Designer websites by deploying executable PHP files. This, in turn, allows them to entirely take over a website in any way they please.

As the majority of websites being exploited are selling something online — either a good or a service or both — most hackers will use this newfound power to obtain order information. The affected e-commerce sites will, of course, possess information such as personal names and addresses, credit card information, and in some cases, social security numbers and other personal data.

Zero-day exploits should be announced to the affected parties as soon as possible so that actions can be taken on the company level to deter hackers and possibly disable the vulnerable plugin entirely. Security preventions vary from company to company, so some affected businesses will already have security measures in place. However, others will not.

As for the Fancy Product Designer zero-day, the product designers announced that active exploitation had been going on since January 30th, 2021. A new, patched version of the plugin has been available since June 2nd, 2021, but it must be manually downloaded.

How Can I Avoid Running Into a Zero-Day Exploit That Affects My Company?

If you are a business owner or manager, chances are, you use at least one type of software to operate your company. Unfortunately, this means you’re at risk of being exploited by zero-day vulnerabilities.

These vulnerabilities crop up from time to time and are becoming relatively normal. As software and technology, in general, becomes an increasingly large part of daily life and business affairs, and as threat actors disappointingly become more adept at their craft, zero-day vulnerabilities will continue to be a problem.

The best way to combat these vulnerabilities is to start with prevention. Choose to work only with software vendors who prioritize cybersecurity. When software is as airtight as possible, zero-days are far less likely to be a problem.

Still, they do happen. To handle them well when they occur, choose your own top team of managed service providers. Again, you want professionals who prioritize cybersecurity and those who stay abreast of zero-days that may affect your company. Cutting off connections with infected software right away can prevent major problems down the line.

If you don’t currently have a reliable managed service provider you’re working with, start speaking with companies in your area today. The sooner you ensure your business’s cybersecurity, the sooner you can rest easy when it comes to zero-day vulnerabilities.

More Like This

How New Windows Server 2022 Features Improve Hybrid Integration and Security

How New Windows Server 2022 Features Improve Hybrid Integration and Security Microsoft recently announced the preview of the latest Windows Server. The new release comes with several key features, such as Azure automanage (hotpatching) and virtualization-based security (VBS). Windows Server 2022 allows users to leverage the cloud to maximize uptime and keep virtual machines (VMs) …

How New Windows Server 2022 Features Improve Hybrid Integration and Security Read More »

Read More

AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Original release date: July 20, 2021 Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise (IOCs), provided in this advisory in 2012 to affected organizations and …

AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013 Read More »

Read More

Uncovering the Complexity and Potential Future Trends of Cyber Threats Faced by the U.S.

Uncovering the Complexity and Potential Future Trends of Cyber Threats Faced by the U.S. America’s critical infrastructure, the Federal government, and commercial institutions are undoubtedly under attack. The sophisticated cyber threats facing the country emanate from various parts of the world. A wide selection of state actors and hacker groups are working tirelessly to paralyze …

Uncovering the Complexity and Potential Future Trends of Cyber Threats Faced by the U.S. Read More »

Read More

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department

Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and …

AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department Read More »

Read More

AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs

Original release date: July 19, 2021 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9, and MITRE D3FEND™ framework, version 0.9.2-BETA-3. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques and the D3FEND framework for referenced defensive tactics and techniques. The National Security Agency, Cybersecurity …

AA21-200B: Chinese State-Sponsored Cyber Operations: Observed TTPs Read More »

Read More

Everything You Need to Know About Windows 11

Everything You Need to Know About Windows 11 In the fall of 2021, Windows will be releasing its new operating system: Windows 11. Big improvements and new features are on the horizon for this new OS. Let’s take a look at what you can expect. What’s New With Windows 11? We all know that past …

Everything You Need to Know About Windows 11 Read More »

Read More